The Meridix Platform support two-factor authentication through the default methods e-mail (SMTP) and OTP (Authenticator apps such as Microsoft Authenticator or Google Authenticator). Additionally, SMS (twilio (SMS SaaS vendor)), and SMPP (smpp) methods are supported options.
The configuration is done through the standard property provider system. The 2FA can be configured on system-, reseller-, or customer level but not on the user level.
The system can and should have at least two providers set (not required). To disable 2FA completely do not set any providers at all.
Property key | Valid values (bold=default) | Description | ||
---|---|---|---|---|
security.two_factor_authentication_required | true | false | Should the system enforce two factor authentication on system/reseller/customer level. False means all the users can set up 2 factor authentication optionally from My account. | ||
security.two_factor_authentication_scope | none | all| admin | system | system-admin | For who should the system enforce two factor authentication. | ||
security.two_factor_authentication_provider_types | email|otp|twilio|smpp | The enabled two factor authentication provider types delimited by |. Options:
| ||
security.two_factor_authentication_valid_for_minutes | -1 | integer | The time between two factor authentication requests. I.e. if the user have previously logged in the within the last X minutes the 2fa step is skipped. |
Configuration example using basic.config
...